Analysis
-
max time kernel
120s -
max time network
120s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
-
submitted
19/02/2024, 02:48
General
-
Target
6f9369808f555edbf4ec6ff7c4135e6b.exe
-
Size
486KB
-
MD5
6f9369808f555edbf4ec6ff7c4135e6b
-
SHA1
644c3d62cfd2bb828c64ab7d185a9ff497b403b4
-
SHA256
2b00a0c9581c6528441c918621bb9c882c3b1bde62433967b7f5da3c842339fe
-
SHA512
42e1cbd15c347d19ca94aa22303140b694394369ccd243732e4be7e36f927d07232620c3d26ee0bcfdb8462a8a94e8fb31304a75faf4dc812771bf8594cd26db
-
SSDEEP
12288:3O4rfItL8HPsOJaDGKYua0reFSeYIzrQH9rpYblHW7rKxUYXhW:3O4rQtGPsOJ6HhprS/QH9rpIA3KxUYX0
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\6f9369808f555edbf4ec6ff7c4135e6b.exe"C:\Users\Admin\AppData\Local\Temp\6f9369808f555edbf4ec6ff7c4135e6b.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\261.tmp"C:\Users\Admin\AppData\Local\Temp\261.tmp" --helpC:\Users\Admin\AppData\Local\Temp\6f9369808f555edbf4ec6ff7c4135e6b.exe BAA2F07A2B917F36B980E5232B137336478000933E15DDCA2428CCEF471D6FD689724BB2AA10157B813E60902A2C6D2A4DAD1FBAD93F2F6384D5871F2A2D74AE2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
486KB
MD5f8e2b8b6f329dbe1d04dc9d0d05f9c21
SHA11cabb019d7b48a31ad1e5713bba208f92533a81b
SHA2563d8cebd4889e9e9357251ed2687b70a8d14f6de24bcbb8dd8842133d888d4e8e
SHA5120fe713641f1326525ab3842e794ea8c9b9a36412b92b6b57050282a928efc53299840bc0b9db53805a96fc9486c3aea732fc33f537362dfcbbc4b85f741971d8